Overview Hijacking DLLs has been a very common technique for defense evasion, persistence and privilege escalation on Windows machines. I’ll explain and demonstrate two popular techniques used in ...

njRAT (aka Bladabindi, Njw0rm, LV) is a Remote Access Trojan (RAT) built on the .NET framework and targetted for Windows machines. It started appearing in 2012 and has recently become trending on t...

I will be showcasing how to setup CAINE for a virtual Forensics lab. CAINE is a great tool for digital forensics as it comes pre-packaged with tools such as Autopsy and Volatility. Also I will do a...

This will be a basic tutorial on how to setup a malware analysis lab. Of course this isn’t the only way to do it and you might need to have a different setup depending on what you’re trying to achi...

This is my first threat analysis report. I’ve picked the RedLine Stealer because it was gaining popularity in early 2020 and is still being widely spread in Dec 2021 (probably because of its contin...